MAX_ALLOW_USERS
Ben Lindstrom
mouring at etoh.eviladmin.org
Thu Feb 6 10:03:41 EST 2003
I think we need to discuss the usage of it before jumping the gun and
changing it.
WHY do do you have 256 AllowUser? Is it a case where you would be better
off with 20 DenyUser lines?
I'd rather see the code (which I think would not be too much of a problem)
be dynamically allocated if it really needs to be upped, but I think we
are running into the case of abuse of a feature without understanding it.
- Ben
On Wed, 5 Feb 2003, Randy Zagar wrote:
> Or, even better, make AllowUser support netgroups.
>
> But I think, from an architecture perspective, that James is right...
> This kind of parameter should be in sshd_config unless there's a
> kernel-related limitation that can't be avoided.
>
> -RZ
>
> Ben Lindstrom wrote:
> >
> >>Hey everyone,
> >>
> >>I have been using sftp for quite some time now and we have just hit 256
> >>sftp users. Line 21 of servconf.h reads:
> >>
> >>#define MAX_ALLOW_USERS 256 /* Max # users on allow list. */
> >>
> >>I am curious why this is in a header file and not something that is in
> >>sshd_config that can be changed without recompile?
> >>
> >
> >
> > You have 256 users listed in AllowUser ?! Maybe you need to consider
> > moveing to a denylist instead.
> >
> > - Ben
> >
> >
> >>Thanks in advance!
> >>
> >>--
> >>James Dennis
> >>Harvard Law School
> >>
> >>"Not everything that counts can be counted,
> >>and not everything that can be counted counts."
> >>
> >>_______________________________________________
> >>openssh-unix-dev mailing list
> >>openssh-unix-dev at mindrot.org
> >>http://www.mindrot.org/mailman/listinfo/openssh-unix-dev
> >>
> >
> >
> > _______________________________________________
> > openssh-unix-dev mailing list
> > openssh-unix-dev at mindrot.org
> > http://www.mindrot.org/mailman/listinfo/openssh-unix-dev
>
>
>
> _______________________________________________
> openssh-unix-dev mailing list
> openssh-unix-dev at mindrot.org
> http://www.mindrot.org/mailman/listinfo/openssh-unix-dev
>
More information about the openssh-unix-dev
mailing list